diff --git a/manifest.xml b/manifest.xml index 46e36bfb..b46c1d7c 100644 --- a/manifest.xml +++ b/manifest.xml @@ -254,6 +254,24 @@ default + + android.hardware.tetheroffload.config + hwbinder + 1.0 + + IOffloadConfig + default + + + + android.hardware.tetheroffload.control + hwbinder + 1.0 + + IOffloadControl + default + + android.hardware.thermal hwbinder diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te index 75ffe047..f64def5a 100644 --- a/sepolicy/vendor/file.te +++ b/sepolicy/vendor/file.te @@ -55,7 +55,7 @@ type persist_time_file, file_type; type time_data_file, file_type, data_file_type; type netmgr_data_file, file_type, data_file_type; -type ipacm_vendor_data_file, file_type, data_file_type; +type ipa_vendor_data_file, file_type, data_file_type; type camera_vendor_data_file, file_type, data_file_type; type display_vendor_data_file, file_type, data_file_type; diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index cb8a6271..f2d3b4d7 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -148,8 +148,8 @@ /vendor/bin/imsqmidaemon u:object_r:ims_exec:s0 /vendor/bin/imsdatadaemon u:object_r:ims_exec:s0 /vendor/bin/ims_rtp_daemon u:object_r:hal_imsrtp_exec:s0 -/vendor/bin/ipacm u:object_r:ipacm_exec:s0 -/vendor/bin/ipacm-diag u:object_r:ipacm_exec:s0 +/vendor/bin/ipacm u:object_r:hal_tetheroffload_default_exec:s0 +/vendor/bin/ipacm-diag u:object_r:hal_tetheroffload_default_exec:s0 /vendor/bin/qmuxd u:object_r:qmuxd_exec:s0 /vendor/bin/cnd u:object_r:cnd_exec:s0 # Remove after b/38447389 @@ -238,7 +238,7 @@ /data/vendor/ramdump(/.*)? u:object_r:ramdump_vendor_data_file:s0 /data/vendor/modem_dump(/.*)? u:object_r:modem_dump_file:s0 /data/vendor/ese(/.*)? u:object_r:ese_vendor_data_file:s0 -/data/vendor/ipa(/.*)? u:object_r:ipacm_vendor_data_file:s0 +/data/vendor/ipa(/.*)? u:object_r:ipa_vendor_data_file:s0 /data/vendor/time(/.*)? u:object_r:time_vendor_data_file:s0 # / 
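Review bot: In the first sepolicy/vendor/file_contexts hunk, `/vendor/bin/ipacm-diag` receives the same `hal_tetheroffload_default_exec` label as the HAL daemon. If init starts the diag tool, it would presumably transition into the HAL domain and inherit the `/dev/ipa`, netlink and hwservice-registration rules on every build type. The policy only opens the ipacm-to-ipacm-diag logging socket inside `userdebug_or_eng`, which suggests the tool is meant for debug builds. Either record that with a comment such as `# ipacm-diag shares the HAL exec label; expected on userdebug/eng builds only`, or give the binary its own exec type if it ships on user builds. The shared label is carried over from the old `ipacm_exec` entries rather than introduced here.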
diff --git a/sepolicy/vendor/hal_tetheroffload_default.te b/sepolicy/vendor/hal_tetheroffload_default.te
new file mode 100644
index 00000000..273f8eca
--- /dev/null
+++ b/sepolicy/vendor/hal_tetheroffload_default.te
@@ -0,0 +1,24 @@
+# associate netdomain to use for accessing internet sockets
+net_domain(hal_tetheroffload_default)
+
+userdebug_or_eng(`
+ # Allow using the logging file between ipacm and ipacm-diag
+ unix_socket_send(hal_tetheroffload_default, ipacm, hal_tetheroffload_default)
+')
+# Allow operations with /dev/ipa, /dev/wwan_ioctl and /dev/ipaNatTable
+allow hal_tetheroffload_default ipa_dev:chr_file rw_file_perms;
+
+# Allow receiving NETLINK messages
+allow hal_tetheroffload_default self:{
+ netlink_socket
+ netlink_generic_socket
+} create_socket_perms_no_ioctl;
+
+# Allow creating and modifying the PID file
+allow hal_tetheroffload_default ipa_vendor_data_file:dir w_dir_perms;
+allow hal_tetheroffload_default ipa_vendor_data_file:file create_file_perms;
+
+# Register to hwbinder service
+add_hwservice(hal_tetheroffload_default, hal_tetheroffload_hwservice)
+hwbinder_use(hal_tetheroffload_default)
+get_prop(hal_tetheroffload_default, hwservicemanager_prop)
diff --git a/sepolicy/vendor/hwservice.te b/sepolicy/vendor/hwservice.te
index a8dc6534..91901c7d 100644
--- a/sepolicy/vendor/hwservice.te
+++ b/sepolicy/vendor/hwservice.te
@@ -1,7 +1,6 @@
 type vnd_ims_radio_hwservice, hwservice_manager_type;
 type vnd_qcrilhook_hwservice, hwservice_manager_type;
 type hal_imsrtp_hwservice, hwservice_manager_type;
-type hal_ipacm_hwservice, hwservice_manager_type;
 #TODO Move the following 2 types public SE policy (b/62574674)
 type hal_cne_hwservice, hwservice_manager_type;
 type hal_imsrcsd_hwservice, hwservice_manager_type;
diff --git a/sepolicy/vendor/hwservice_contexts b/sepolicy/vendor/hwservice_contexts
index ff364bc8..3b6bf789 100644
--- a/sepolicy/vendor/hwservice_contexts
+++ b/sepolicy/vendor/hwservice_contexts
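Review bot: The new sepolicy/vendor/hal_tetheroffload_default.te writes rules for `hal_tetheroffload_default` and `hal_tetheroffload_hwservice` without declaring either, and the `type ..., domain;` and `init_daemon_domain(...)` lines of the deleted ipacm.te have no counterpart in it. Presumably platform sepolicy supplies the domain, its exec type and the init transition; a header comment would make that dependency explicit, e.g. `# Domain, exec type and init transition come from platform sepolicy; this file only adds the IPA-specific rules`. In `unix_socket_send(hal_tetheroffload_default, ipacm, hal_tetheroffload_default)` the middle argument is still `ipacm` because the macro builds the socket file type name from it. A short `# second argument names the ipacm socket type, not the removed ipacm domain` would keep a later cleanup from renaming it and silently dropping the rule's target.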
@@ -3,7 +3,7 @@ com.qualcomm.qti.qcril.qcrilhook::IQtiOemHook u:object_r:vnd_q
 com.qualcomm.qti.uceservice::IUceService u:object_r:hal_imsrcsd_hwservice:s0
 vendor.qti.qcril.am::IQcRilAudio u:object_r:vnd_qcrilhook_hwservice:s0
 com.qualcomm.qti.imsrtpservice::IRTPService u:object_r:hal_imsrtp_hwservice:s0
-android.hardware.tetheroffload.config::IOffloadConfig u:object_r:hal_ipacm_hwservice:s0
-android.hardware.tetheroffload.control::IOffloadControl u:object_r:hal_ipacm_hwservice:s0
+android.hardware.tetheroffload.config::IOffloadConfig u:object_r:hal_tetheroffload_hwservice:s0
+android.hardware.tetheroffload.control::IOffloadControl u:object_r:hal_tetheroffload_hwservice:s0
 com.quicinc.cne.api::IApiService u:object_r:hal_cne_hwservice:s0
 com.quicinc.cne.server::IServer u:object_r:hal_cne_hwservice:s0
diff --git a/sepolicy/vendor/ipacm.te b/sepolicy/vendor/ipacm.te
deleted file mode 100644
index 1e9310ad..00000000
--- a/sepolicy/vendor/ipacm.te
+++ /dev/null
@@ -1,30 +0,0 @@
-# General definitions
-type ipacm, domain;
-type ipacm_exec, exec_type, vendor_file_type, file_type;
-init_daemon_domain(ipacm)
-
-# associate netdomain to use for accessing internet sockets
-net_domain(ipacm)
-
-userdebug_or_eng(`
- # Allow using the logging file between ipacm and ipacm-diag
- unix_socket_send(ipacm, ipacm, ipacm)
-')
-# Allow operations with /dev/ipa, /dev/wwan_ioctl and /dev/ipaNatTable
-allow ipacm ipa_dev:chr_file rw_file_perms;
-
-# Allow receiving NETLINK messages
-allow ipacm self:{
- netlink_socket
- netlink_generic_socket
-} create_socket_perms_no_ioctl;
-
-# Allow creating and modifying the PID file
-allow ipacm ipacm_vendor_data_file:dir w_dir_perms;
-allow ipacm ipacm_vendor_data_file:file create_file_perms;
-
-# To register ipacm to hwbinder
-add_hwservice(ipacm, hal_ipacm_hwservice)
-hwbinder_use(ipacm)
-get_prop(ipacm, hwservicemanager_prop)
-binder_call(ipacm, system_server)
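Review bot: In sepolicy/vendor/hwservice_contexts, both tetheroffload interfaces now map to `hal_tetheroffload_hwservice`, a type this commit does not declare; the hwservice.te hunk only removes `hal_ipacm_hwservice`. The type therefore presumably comes from platform policy. If the platform's own hwservice_contexts already labels `android.hardware.tetheroffload.config::IOffloadConfig` and `android.hardware.tetheroffload.control::IOffloadControl`, these two vendor lines are duplicates and can be dropped, leaving one place that decides who may register the interfaces. If they must stay, a `# type declared in platform sepolicy` comment above them would tell the next reader where to look.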